CVE-2017-7480 log

Severity High
Remote Yes
Type Arbitrary code execution
rkhunter downloads updates over a plain HTTP link with a version certificate that can be faked. A potential man-in-the-middle attack can lead to the execution of arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-334 rkhunter 1.4.2-2 1.4.4-1 High Fixed
Date Advisory Group Package Severity Type
18 Jul 2017 ASA-201707-24 AVG-334 rkhunter High arbitrary code execution